Vulnerability Scanning and Penetrating Testing, Do I need both?

As an auditor and cybersecurity professional I often find there is confusion between vulnerability scanning and penetration tests. Often people will use the terms interchangeably. However, they are very different tests, testing different things for different reasons. Join this webinar and learn the differences and some best practices to get the best bang for your buck. This session will include a demonstration on how Qualys can help organizations manage vulnerabilities and monitor their systems.

As an IT auditor for local governments, one of the most often asked I get during audits is who should setup user access in the financial application. There is a debate of whether it should be IT or finance staff that create accounts and setup access. As with any professional my answer is it depends. It depends upon other controls that might be in place. What I like to do with clients is walk them through the needs and risks to help them design and understand the process they come up with. Let’s walk thought the logic and see what might be the best answer for your organization. Plus, we will answer a question from a listener on hacking Instagram accounts.

As an auditor and cybersecurity professional I often find there is confusion between vulnerability scanning and penetration tests. Often people will use the terms interchangeably. However, they are very different tests, testing different things for different reasons. Join this webinar and learn the differences and some best practices to get the best bang for your buck. This session will include a demonstration on how Qualys can help organizations manage vulnerabilities and monitor their systems.

Policies, Plans, Procedures and supporting documentation. We will cover the types of cybersecurity documents an organization may have, what topics they should cover, and guidelines on what should be included in your policies. We will also focus on the unique challenges and opportunities for state and local governments. Cities, Districts and Counties have an advantage on policy development.

Cyber threats continue to evolve and become more sophisticated. The majority of hacks and attacks exploited one vulnerability, people. Today’s threat landscape requires focusing on the traditional weakest link, people. One of today’s largest challenges is having management invest in cybersecurity awareness and training. Don’t leave you first and last line of defense defenseless.

Part 2 There has been a rise in the Nation State sponsored, backed, or directed cyber-attacks if not at least an awareness of such attacks. Whether it is a rise in the Nation State cyber-attacks or just the awareness of it, I think it is time to take a look at Nation States as a serious threat actor and start to look at what we know about them. Their motivation and capabilities differ from the traditional hackers and cybercriminals and as such may require a different response in mitigating threats.

There has been a rise in the Nation State sponsored, backed, or directed cyber-attacks if not at least an awareness of such attacks. Whether it is a rise in the Nation State cyber-attacks or just the awareness of it, I think it is time to take a look at Nation States as a serious threat actor and start to look at what we know about them. Their motivation and capabilities differ from the traditional hackers and cybercriminals and as such may require a different response in mitigating threats.

Covering cybersecurity focused on the issues surrounding the challenges of small organizations and local governments. We will be coving issues related to compliance, PCI, NIST, audit findings, IT governance & management, disruptive technologies, current risks, common vulnerabilities, and suggested remediation.